Data Breach Reporting Requirements. If a Data Breach occurs, the contractor shall do the following in accordance with IC 4-1-11 and IC 24-4.9 as they may apply: (1) as soon as possible notify the State-identified contact(s) by telephone and email, but in no case later than two (2) days after the Data Breach occurs unless a shorter notice period is required by applicable law; and (2) take commercially-reasonable measures to address the Data Breach in a timely manner. Notice requirements may be clarified in the Service Level Agreement. If the Data involved in the Data Breach involves protected health information, personally identifying information, social security numbers, or otherwise confidential information, other sections of this contract may apply. The requirements discussed in those sections must be met in addition to the requirements of this section.
Appears in 4 contracts
Samples: Quantity Purchase Agreeement for Managed Services, Quantity Purchase Agreeement for Managed Services, Professional Services Contract
Data Breach Reporting Requirements. If a Data Breach occurs, the contractor shall do the following in accordance with IC 4-1-11 and IC 24-4.9 as they may apply: (1) as soon as possible notify the State-identified contact(s) by telephone and email, but in no case later than two (2) days after the Data Breach occurs unless a shorter notice period is required by applicable law; and (2) take commercially-commercially- reasonable measures to address the Data Breach in a timely manner. Notice requirements may be clarified in the Service Level Agreement. If the Data involved in the Data Breach involves protected health information, personally identifying information, social security numbers, or otherwise confidential information, other sections of this contract may apply. The requirements discussed in those sections must be met in addition to the requirements of this section.
Appears in 2 contracts
Samples: Quantity Purchase Agreeement for Managed Services, Quantity Purchase Agreeement for Managed Services
Data Breach Reporting Requirements. If a Data Breach occurs, the contractor Contractor shall do the following in accordance with IC 4-1-11 and IC 24-4.9 as they may apply: (1) as soon as reasonably possible notify the State-identified contact(s) by telephone and email, but in no case later than two (2) business days after the Data Breach occurs unless a shorter notice period is required by applicable law; and (2) take commercially-reasonable measures to address the Data Breach in a timely manner. Notice requirements may be clarified in the Service Level Agreement. If the Data involved in the Data Breach involves protected health information, personally identifying information, social security numbers, or otherwise confidential information, other sections of this contract may apply. The requirements discussed in those sections must be met in addition to the requirements of this section.
Appears in 1 contract
